Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A34E4/CC8FC36CDA3011EE9E6C98AA775412E6/6FC9BEFEDC9111EE9551EF9C775412E6.roa
File: 6FC9BEFEDC9111EE9551EF9C775412E6.roa (raw, json)
Hash identifier: aYHMWRNz9z3gpC5v1ZMwHUkgr2mjGTlYQtQkXE2J/N4=
Subject key identifier: 3D:83:64:99:FE:E7:4A:4F:38:5F:EE:EC:7D:D5:EC:E8:AF:94:5A:2D
Certificate issuer: /CN=F36A34E4AR/serialNumber=2C671F4259707027237540BF62265A2D97EB95CB
Certificate serial: 0C
Authority key identifier: 2C:67:1F:42:59:70:70:27:23:75:40:BF:62:26:5A:2D:97:EB:95:CB
Authority info access: rsync://rpki.afrinic.net/repository/arin/LGcfQllwcCcjdUC_YiZaLZfrlcs.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36A34E4/CC8FC36CDA3011EE9E6C98AA775412E6/6FC9BEFEDC9111EE9551EF9C775412E6.roa
Signing time: Thu 07 Mar 2024 14:46:10 +0000
ROA not before: Thu 07 Mar 2024 14:46:07 +0000
ROA not after: Fri 07 Mar 2025 14:46:07 +0000
asID: 37613
IP address blocks: 169.239.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36A34E4/CC8FC36CDA3011EE9E6C98AA775412E6/LGcfQllwcCcjdUC_YiZaLZfrlcs.crl
rsync://rpki.afrinic.net/repository/member_repository/F36A34E4/CC8FC36CDA3011EE9E6C98AA775412E6/LGcfQllwcCcjdUC_YiZaLZfrlcs.mft
rsync://rpki.afrinic.net/repository/arin/LGcfQllwcCcjdUC_YiZaLZfrlcs.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 24 Nov 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12 (0xc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36A34E4AR/serialNumber=2C671F4259707027237540BF62265A2D97EB95CB
Validity
Not Before: Mar 7 14:46:07 2024 GMT
Not After : Mar 7 14:46:07 2025 GMT
Subject: CN=65e9d332-13ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:d6:47:b9:9f:18:05:e9:b9:0e:e8:67:c3:1d:
3b:3f:b1:83:1b:d3:71:35:71:ee:46:d5:2d:55:56:
77:23:46:d2:bc:9c:3b:bf:c1:5a:21:e0:d4:5a:1f:
99:95:e8:ff:6c:73:05:be:6e:e9:03:b4:2b:a3:fa:
ba:11:ab:6f:43:71:ba:e4:1f:96:ff:9f:8e:60:a2:
dc:b3:60:66:fc:b2:58:b2:45:0c:a8:50:dc:67:1d:
9e:a5:1c:f9:58:08:ae:58:91:44:e6:1a:7b:09:c4:
af:b5:2a:55:b2:0c:14:e9:2b:31:09:5f:73:c2:7d:
ad:19:33:e1:df:4b:0b:9c:bc:b6:66:6c:4e:6f:09:
54:2f:ef:c3:40:6e:54:f1:7e:dc:cd:45:08:6f:50:
a7:a6:52:76:2b:6e:a9:4e:e3:95:2e:06:af:1c:fd:
fc:28:48:0a:b7:6a:64:48:e0:b1:4e:ae:4d:7a:56:
83:44:5c:97:ae:a3:4d:1d:6a:fb:25:cd:4f:b1:5d:
57:60:ea:ad:a5:99:da:7d:9e:8e:72:2a:3f:4a:dc:
2a:9d:a8:01:b1:06:6d:7e:59:93:14:35:5c:40:40:
e5:cc:c4:16:de:6d:6b:5c:b0:e4:04:2d:fd:e7:5b:
63:d0:6f:50:35:df:93:37:e1:fc:29:72:f2:e2:53:
e2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:83:64:99:FE:E7:4A:4F:38:5F:EE:EC:7D:D5:EC:E8:AF:94:5A:2D
X509v3 Authority Key Identifier:
keyid:2C:67:1F:42:59:70:70:27:23:75:40:BF:62:26:5A:2D:97:EB:95:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36A34E4/CC8FC36CDA3011EE9E6C98AA775412E6/LGcfQllwcCcjdUC_YiZaLZfrlcs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/LGcfQllwcCcjdUC_YiZaLZfrlcs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A34E4/CC8FC36CDA3011EE9E6C98AA775412E6/6FC9BEFEDC9111EE9551EF9C775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.239.191.0/24
Signature Algorithm: sha256WithRSAEncryption
48:fa:9e:69:6d:8e:1b:f5:36:68:6b:7f:2d:73:48:6e:72:fd:
93:af:3d:69:d3:e3:d0:10:be:fa:06:27:8e:17:b6:34:2c:b7:
cf:73:ff:47:65:17:b0:59:1d:05:6f:4d:85:a6:6a:4c:b3:f7:
60:e3:af:78:35:01:3e:bc:8f:cb:ed:52:a1:c1:72:bb:60:61:
d0:c7:62:44:fb:28:a5:7c:c3:1f:f1:7d:69:92:2b:52:a3:f6:
d7:89:42:a5:90:f4:e6:7a:17:56:7e:57:51:0f:ed:d0:c2:78:
0d:a5:80:98:57:7f:cb:e4:06:52:bd:ae:e7:70:bf:64:a6:01:
a5:ed:2c:d9:c8:06:84:90:0d:37:df:71:5a:9f:76:4e:e1:52:
e3:3f:88:96:87:65:e1:21:1d:c0:51:ab:c0:78:76:d9:4d:c7:
f8:de:f0:e6:db:8a:b5:b9:79:3c:67:2b:60:34:2c:77:f6:45:
25:79:a1:4d:09:38:34:2c:be:d7:56:c5:e3:4e:2c:70:5a:ad:
e4:4c:71:fc:9a:49:ba:47:2a:ba:e8:cf:9f:93:90:ab:c7:17:
59:3b:37:1f:c0:cf:8c:04:56:49:8d:5a:89:1e:72:be:fc:07:
e2:e1:2f:49:f2:13:d4:a6:bb:be:e9:c8:f5:99:73:7a:c2:ba:
b7:f2:e8:21
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBDDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
MzRFNEFSMTEwLwYDVQQFEygyQzY3MUY0MjU5NzA3MDI3MjM3NTQwQkY2MjI2NUEy
RDk3RUI5NUNCMB4XDTI0MDMwNzE0NDYwN1oXDTI1MDMwNzE0NDYwN1owGDEWMBQG
A1UEAxMNNjVlOWQzMzItMTNiYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPfWR7mfGAXpuQ7oZ8MdOz+xgxvTcTVx7kbVLVVWdyNG0rycO7/BWiHg1Fof
mZXo/2xzBb5u6QO0K6P6uhGrb0NxuuQflv+fjmCi3LNgZvyyWLJFDKhQ3GcdnqUc
+VgIrliRROYaewnEr7UqVbIMFOkrMQlfc8J9rRkz4d9LC5y8tmZsTm8JVC/vw0Bu
VPF+3M1FCG9Qp6ZSdituqU7jlS4Grxz9/ChICrdqZEjgsU6uTXpWg0Rcl66jTR1q
+yXNT7FdV2DqraWZ2n2ejnIqP0rcKp2oAbEGbX5ZkxQ1XEBA5czEFt5ta1yw5AQt
/edbY9BvUDXfkzfh/Cly8uJT4rUCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBQ9g2SZ
/udKTzhf7ux91ezor5RaLTAfBgNVHSMEGDAWgBQsZx9CWXBwJyN1QL9iJlotl+uV
yzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTM0RTQvQ0M4RkMzNkNEQTMwMTFFRTlFNkM5OEFBNzc1NDEyRTYvTEdjZlFs
bHdjQ2NqZFVDX1lpWmFMWmZybGNzLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
TEdjZlFsbHdjQ2NqZFVDX1lpWmFMWmZybGNzLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2QTM0RTQvQ0M4RkMzNkNEQTMwMTFFRTlFNkM5OEFBNzc1NDEy
RTYvNkZDOUJFRkVEQzkxMTFFRTk1NTFFRjlDNzc1NDEyRTYucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKnvvzANBgkqhkiG9w0BAQsFAAOC
AQEASPqeaW2OG/U2aGt/LXNIbnL9k689adPj0BC++gYnjhe2NCy3z3P/R2UXsFkd
BW9NhaZqTLP3YOOveDUBPryPy+1SocFyu2Bh0MdiRPsopXzDH/F9aZIrUqP214lC
pZD05noXVn5XUQ/t0MJ4DaWAmFd/y+QGUr2u53C/ZKYBpe0s2cgGhJANN99xWp92
TuFS4z+Ilodl4SEdwFGrwHh22U3H+N7w5tuKtbl5PGcrYDQsd/ZFJXmhTQk4NCy+
11bF404scFqt5Exx/JpJukcquujPn5OQq8cXWTs3H8DPjARWSY1aiR5yvvwH4uEv
SfIT1Ka7vunI9ZlzesK6t/LoIQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:58 2024 by rpki-client on console-fra.rpki-client.org